CyberSecurity

The security updates for Windows 10 for 32-bit Systems and Windows 10 for x64-based Systems are now available. See the Security Updates table for more information. 

The security updates for Windows 10 for 32-bit Systems and Windows 10 for x64-based Systems are now available. See the Security Updates table for more information. 

Use after free in Windows LDAP – Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a network. 

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. 

Sensitive data storage in improperly locked memory in Windows upnphost.dll allows an authorized attacker to elevate privileges locally. 

Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally. 

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. 

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information. 

Access of resource using incompatible type (‘type confusion’) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. 

Improper neutralization of input during web page generation (‘cross-site scripting’) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.